Leveraging Knowledge to Manage Your Data Risks
On September 14, 2016, the Department of Education (DOE) issued a “Dear Colleague Letter” to provide guidance on the application of the Family Educational Rights and Privacy Act (FERPA) to the disclosure of student medical records in the context of litigation.
FERPA generally prohibits a school from disclosing personally identifiable information from a student’s education…
On May 13, 2016, the Department of Justice and the Department of Education issued a “Dear Colleague Letter” (DCL) describing reasonable steps to protect transgender students under Title IX of the Educational Amendments of 1972 (Title IX) as well as the Family Educational Rights and Privacy Act (FERPA).
Title IX prohibits discrimination on…
If the Hello Barbie complaints weren’t enough, now it has been announced that researchers determined that the kids’ toys, the Fisher-Price Smart Toy Bear and the hereO GPS watch, had some serious security vulnerabilities. The Smart Toy Bear’s backend programming used unsecured application programming interfaces (APIs) to allow portions of software code to interact. Sounds…
We wrote previously about the “Hell No Barbie Campaign” and the recent lawsuit against Mattel for its Hello Barbie doll privacy violations, but through all this hype, we have yet to learn exactly what Hello Barbie is truly capable of. In a new report, Hello Barbie isn’t so bright. First, in order for…
It seems that 2016 will mean MORE child identity theft. Why? Because with the increased amount of data collection from children and young adults at schools, health care facilities, retailers, and by advertising companies, hackers can gain access to centralized data systems with a plethora of high-value information from children. However, perhaps 2016 is also…
LAI Systems, LLC (LAI) and Retro Dreamer agreed to pay civil penalties of a combined $360,000 to settle charges issued by the Federal Trade Commission (FTC) that they violated the Children’s Online Privacy Protection Act (COPPA) by allowing advertising companies to use persistent identifiers, collected through their mobile apps, to elicit specific advertisements to children.…
On Monday, December 14, the Federal Aviation Administration (FAA) announced a “user-friendly” online aircraft registration system for owners of drones (or more officially called “small unmanned aircrafts”) that weigh more than 0.55 pounds but less than 55 pounds. This registration is a statutory requirement that applies to all types of aircrafts. Anyone who has owned…
We reported last month ago about the release of Mattel’s new Hello Barbie (and the “Hell No Barbie Campaign”), with the capability to ‘carry a conversation’ with a child using speech recognition software and storage of conversations in the cloud. This week, in Los Angeles Superior Court, two moms filed a class action on behalf…
This week, the Federal Trade Commission (FTC) determined that companies covered by the Children’s Online Privacy Protection Act (COPPA) can use facial recognition technologies to match a parent’s photo on a government-issued identification to “selfies” that the parent submits via mobile phone or webcam as a method of verifiable parental consent, as required by COPPA.…
As a general rule, the Children’s Online Privacy Protection Act (COPPA) requires operators of websites (including mobile apps) directed to children under the age of 13 to obtain verifiable parental consent before collecting personal information from those users. COPPA sets forth a non-exhaustive list of acceptable methods for obtaining parental consent. For example, operators can…
